You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Kevin Risden (Jira)" <ji...@apache.org> on 2020/07/30 19:38:00 UTC

[jira] [Created] (KNOX-2434) Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS

Kevin Risden created KNOX-2434:
----------------------------------

             Summary: Knox should fallback to JDK default keystore/truststore type instead of hardcoding JKS
                 Key: KNOX-2434
                 URL: https://issues.apache.org/jira/browse/KNOX-2434
             Project: Apache Knox
          Issue Type: Improvement
          Components: Server
    Affects Versions: 1.4.0
            Reporter: Kevin Risden
            Assignee: Kevin Risden
             Fix For: 1.5.0


Currently Knox has a few configuration options for overriding the keystore/truststore type and if these are not specified it falls back to hardcoded "JKS". This should fallback instead of the JDK default configured keystore/truststore type. This will cause issues when an administrator wants to control the keystore type globally at the JDK level. This happens when doing FIPS crypto modules.

It would be better to use KeyStore.getDefaultType() instead of hardcoding JKS.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)